Aruba ClearPass Manager Web UI Auth RCE
CVE-2025-25039 Published on February 4, 2025
Authenticated Remote Command Injection in HPE Aruba Networking ClearPass Policy Manager Web-Based Management Interface
A vulnerability in the web-based management interface of HPE Aruba Networking ClearPass Policy Manager (CPPM) allows remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as a lower privileged user on the underlying operating system.
Vulnerability Analysis
CVE-2025-25039 can be exploited with network access, and requires user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to be low. considered to have a small impact on confidentiality and integrity and availability.
Weakness Type
What is a Shell injection Vulnerability?
The software constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
CVE-2025-25039 has been classified to as a Shell injection vulnerability or weakness.
Products Associated with CVE-2025-25039
Want to know whenever a new CVE is published for Aruba Networks Clearpass Policy Manager? stack.watch will email you.
Affected Versions
Hewlett Packard Enterprise (HPE) HPE Aruba Networking ClearPass Policy Manager:- Version 6.12.0, <= <=6.12.3 is affected.
- Version 6.11.0, <= <=6.11.9 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.